Max: This strikes me as an uninformed opinion.
While a lot of tools don't speak IPv6, very little of the world runs IPv6 ... even though its over a decade old. Most IPv6 providers run an IPv6to4 gateway and technically all IPv6 traffic will run through a 6to4 gateway somewhere or else they would not have access to traditional IPv4 networks ... AKA the bulk of the internet. Once your traffic has gone through the gateway it is essentially classic IPv4 and thus is readable by all those tools you were trying to avoid. In my network IPv6 flat doesn't work. If you have your computer configured with an IPv6 address your traffic will not flow ... at all. So ... problem solved : ) Also, plenty of "defensive" tools support IPv6. My NSM distro of choice is SecurityOnion and it fully supports IPv6. As a final note I would hold anyone under strict suspicion who says they can move around a network undetected. You may go unnoticed for a number of reasons, but it is *literally* impossible to be undetectable on a network. And, if the network team wants to find you bad enough, they will. Trust me. Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 ________________________________________ From: Max McGrath via PacketFence-users <[email protected]> Sent: Thursday, May 23, 2019 12:08 PM To: ML PF Cc: Max McGrath Subject: [PacketFence-users] NAC bypass EXTERNAL Exercise Caution Hello - I've been looking into NAC Bypass lately and came across the following: Most defensive tools exclusively look at IPv4 addresses. Forcing traffic over IPv6 yields a high chance you will go undetected and be unchallenged. Would this be true in PacketFence, or would it depend on my specific configuration? Max -- Max McGrath [https://static.licdn.com/scds/common/u/img/webpromo/btn_profile_greytxt_80x15.png] <https://urldefense.proofpoint.com/v2/url?u=http-3A__www.linkedin.com_in_max-2Dmcgrath-2Da299124b&d=DwMFaQ&c=61yQaCoNVjQr1ah003i6yA&r=hv6FWbB_1Tauwq1un9h_XR4pflYMFHr0Ag1rvcLKIQA&m=kpvMAJTEdvMKZ0D2qE8FzWouIHwKlexZ01KQD1TSKvo&s=OTRA2r5e4HRmG2Uaf8oKT7uy56LDd0Fks4eAjh8nDvg&e=> Infrastructure and Security Manager Carthage College 262-551-6666 [email protected]<mailto:[email protected]> _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
